Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,489
Maven
5,000+
npm
4,106
NuGet
735
pip
3,928
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,068 advisories

Loading
An open database issue exists in the affected product and version. The security issue stems from... High Unreviewed
CVE-2025-9364 was published Sep 9, 2025
A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization.... High Unreviewed
CVE-2025-9161 was published Sep 9, 2025
A denial-of-service security issue exists in the affected product and version. The security issue... High Unreviewed
CVE-2025-9166 was published Sep 9, 2025
APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where... High Unreviewed
CVE-2025-33045 was published Sep 9, 2025
A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules,... High Unreviewed
CVE-2025-8007 was published Sep 9, 2025
A security issue exists within FactoryTalk Activation Manager. An error in the implementation of... High Unreviewed
CVE-2025-7970 was published Sep 9, 2025
A server-side request forgery security issue exists within Rockwell Automation ThinManager®... High Unreviewed
CVE-2025-9065 was published Sep 9, 2025
A security issue affecting multiple Cisco devices also directly impacts Stratix® 5410, 5700, and... High Unreviewed
CVE-2025-7350 was published Sep 9, 2025
A security issue exists in the protected mode of EN4TR devices, where sending specifically... High Unreviewed
CVE-2025-8008 was published Sep 9, 2025
A code execution security issue exists in the affected product. An attacker with physical access... High Unreviewed
CVE-2025-9160 was published Sep 9, 2025
Missing authorization checks in the Workspace Module of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0... High Unreviewed
CVE-2025-59018 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2025-40798 was published Sep 9, 2025
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a... High Unreviewed
CVE-2025-41701 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2025-40797 was published Sep 9, 2025
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed
CVE-2025-9539 was published Sep 9, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 ... High Unreviewed
CVE-2025-40796 was published Sep 9, 2025
When a user logs in via SAP Business One native client, the SLD backend service fails to enforce... High Unreviewed
CVE-2025-42933 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42929 was published Sep 9, 2025
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the... High Unreviewed
CVE-2025-10120 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42916 was published Sep 9, 2025
WeiPHP v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and... High Unreviewed
CVE-2025-55849 was published Sep 8, 2025
The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file... High Unreviewed
CVE-2025-9112 was published Sep 8, 2025
An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4... High Unreviewed
CVE-2025-52389 was published Sep 8, 2025
Assertion failure in function ngap_build_downlink_nas_transport in file src/amf/ngap-build.c, the... High Unreviewed
CVE-2025-52288 was published Sep 8, 2025
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local... High Unreviewed
CVE-2025-56803 was published Sep 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database